Apple vows to fix Thunderstrike 2 exploit in Macs ‘as soon as possible’

BY Killian Bell

Published 5 Aug 2015

iMac Thunderbolt ports

Apple has vowed to eliminate the Thunderstrike 2 exploit in Macs “as soon as possible,” according to The GuardianThe promise comes just days after the firmware worm was first made public by a team of security researchers at LegbaCorp.

Thunderstrike 2 is the first firmware worm of its kind. It has the ability to infect Macs at the deepest possible level, which means once your machine has been compromised, it is impossible to cure it. The worm is not killed by reinstalling OS X, or even by reinstalling a new hard drive.

“For most users that’s really a throw-your-machine-away kind of situation,” explained Xeno Kovah, one of the researchers who first discovered the exploit. “Most people and organizations don’t have the wherewithal to physically open up their machine and electrically reprogram the chip.”

What’s more, Thunderstrike 2 can be shared via Thunderbolt devices, so if one of your Macs gets it and you use any Thunderbolt peripherals with other machines, it’s likely they’ll end up with it, too.

LegbaCorp has already notified Apple of its findings, and one of the vulnerabilities has already been patched. Another has been partially patched, but three others remain unfixed.

Now that we’re all aware of Thunderstrike 2, however, Apple will be in a hurry to eliminate it as quickly as possible — and it has vowed to do just that.

In the meantime, “Apple has taken interim measures to prevent further exploitation of the vulnerability, including revoking the credentials of developers who use it, and including any app which does so on the company’s regularly updated list of malware,” The Guardian reports.